Hackers are storing malware in Google Drive as encrypted ZIP files
With the growing use of cloud services, attackers have found a new way to deliver malware while evading detection by security products. One recent technique is to host the malware in Google Drive as a password-protected (encrypted) ZIP file.
The method sidesteps controls that inspect content at the network perimeter or on the endpoint. A secure email gateway, web proxy or antivirus engine cannot open an encrypted archive without the password, so it sees only opaque ciphertext: no signature, YARA rule or sandbox detonation has anything to match against. The attacker can therefore store and distribute the payload without raising any alerts.
The procedure starts with creating the password-protected ZIP. The attacker uploads it to a Google Drive account, where it sits until needed. To deliver it, the attacker simply emails the victim a sharing link to the archive or sends it through another file-sharing service.
When the victim opens the ZIP, they are prompted for a password. The attacker supplies it separately, for example in the body of the same email or in a follow-up message, so the victim can unpack the archive even though the gateway, which never had the password, could not inspect it. Once extracted, the payload runs and infects the victim's machine.
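The full chain described above, as an added example that is not code from the article: it builds a ZipCrypto (legacy PKWARE) password-protected ZIP the way attacker tooling would, shows that a byte-pattern scan over the archive no longer sees the payload, and then runs the one check a mail gateway can still perform without the password, reading the encryption flag from the ZIP headers. The file name `payload.exe`, the password `infected`, the payload bytes and the scanner "signature" string are all constructed sample data, not real indicators.

```python
# Added example, not the article's code: build a ZipCrypto password-protected
# ZIP, then inspect it the way a gateway can WITHOUT the password.
# "payload.exe", b"infected", SIGNATURE and the payload are constructed data.
import io
import os
import struct
import zipfile
import zlib
from typing import Optional

SIGNATURE = b"EVIL-SAMPLE-SIGNATURE"  # stand-in for an AV byte pattern (constructed)


def _crc_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table


_CRCTAB = _crc_table()


class ZipCrypto:
    """Traditional PKWARE keystream (APPNOTE 6.1); same schedule zipfile uses to decrypt."""

    def __init__(self, password: bytes):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, c: int) -> None:
        self.k0 = _CRCTAB[(self.k0 ^ c) & 0xFF] ^ (self.k0 >> 8)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = _CRCTAB[(self.k2 ^ (self.k1 >> 24)) & 0xFF] ^ (self.k2 >> 8)

    def encrypt(self, plaintext: bytes) -> bytes:
        out = bytearray()
        for p in plaintext:
            t = (self.k2 | 2) & 0xFFFF
            out.append(p ^ (((t * (t ^ 1)) >> 8) & 0xFF))
            self._update(p)  # key schedule is fed the plaintext byte
        return bytes(out)


def build_zip(name: str, data: bytes, password: Optional[bytes] = None) -> bytes:
    """Single-entry STORED (method 0) ZIP; ZipCrypto-encrypted when a password is given."""
    crc = zlib.crc32(data) & 0xFFFFFFFF
    dos_time, dos_date = 0x53C0, 0x5692  # 10:30:00 on 2023-04-18, arbitrary
    flags, body = 0, data
    if password is not None:
        flags |= 0x0001  # general-purpose bit 0: entry is encrypted
        # 12-byte encryption header: 11 random bytes + high byte of the CRC,
        # which extractors use to reject a wrong password early.
        header = os.urandom(11) + bytes([crc >> 24])
        body = ZipCrypto(password).encrypt(header + data)
    fname = name.encode("ascii")
    local = struct.pack("<4s5H3I2H", b"PK\x03\x04", 20, flags, 0, dos_time, dos_date,
                        crc, len(body), len(data), len(fname), 0) + fname
    central = struct.pack("<4s6H3I5H2I", b"PK\x01\x02", 20, 20, flags, 0, dos_time,
                          dos_date, crc, len(body), len(data), len(fname),
                          0, 0, 0, 0, 0, 0) + fname
    eocd = struct.pack("<4s4H2IH", b"PK\x05\x06", 0, 0, 1, 1, len(central),
                       len(local) + len(body), 0)
    return local + body + central + eocd


def inspect_zip(archive: bytes) -> list:
    """Walk the central directory and report what the headers admit with no password."""
    eocd_off = archive.rfind(b"PK\x05\x06")
    if eocd_off < 0:
        raise ValueError("no end-of-central-directory record")
    _, _, _, _, total, _, cd_off, _ = struct.unpack_from("<4s4H2IH", archive, eocd_off)
    entries, pos = [], cd_off
    for _ in range(total):
        f = struct.unpack_from("<4s6H3I5H2I", archive, pos)
        if f[0] != b"PK\x01\x02":
            raise ValueError("corrupt central directory")
        flags, method, fnlen, extralen, commentlen = f[3], f[4], f[10], f[11], f[12]
        entries.append({
            "name": archive[pos + 46:pos + 46 + fnlen].decode("cp437"),
            "encrypted": bool(flags & 0x0001),   # set for ZipCrypto AND WinZip AES
            "method": method,                    # 99 = WinZip AES (real method in extra 0x9901)
        })
        pos += 46 + fnlen + extralen + commentlen
    return entries


def is_password_protected(archive: bytes) -> bool:
    """Gateway rule: any encrypted member means the content cannot be scanned."""
    return any(e["encrypted"] for e in inspect_zip(archive))


def signature_hits(archive: bytes) -> bool:
    """Naive content scan over the raw archive, as a gateway without the password sees it."""
    return SIGNATURE in archive


def extract_member(archive: bytes, name: str, pwd: Optional[bytes]) -> Optional[bytes]:
    """Open with the stdlib to prove the archive is a genuine ZIP; None = wrong/missing password."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        try:
            return zf.read(name, pwd=pwd)
        except (RuntimeError, zipfile.BadZipFile):
            return None


if __name__ == "__main__":
    payload = b"MZ" + SIGNATURE + b"\x00" * 64
    for label, z in (("plain", build_zip("payload.exe", payload)),
                     ("locked", build_zip("payload.exe", payload, b"infected"))):
        print(label, inspect_zip(z), "signature visible:", signature_hits(z))
```

The stored payload is visible to the byte scan in the plain archive and invisible in the encrypted one, yet `is_password_protected` still returns True for the latter, because the encryption flag lives in the unencrypted headers. ZipCrypto is cryptographically weak (a known-plaintext attack recovers the keys), but the attacker does not care about cipher strength, only about defeating inspection; modern archivers default to WinZip AES, which also sets bit 0 of the flags and puts 99 in the method field, so the same header check catches both.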
One reason the technique works so well is that Google Drive is a reputable service used widely by individuals and businesses. Traffic to it is rarely blocked and often implicitly trusted, so security tools that concentrate on downloads from low-reputation or unfamiliar sources are less likely to flag it.
Another advantage for the attacker is targeting. A customised email addressed to a specific victim, with a link to the encrypted ZIP, raises the odds that the victim downloads and executes the payload.
To defend against this kind of attack, organisations need controls that can identify and block malicious activity involving cloud services such as Google Drive. Policies that limit access to sensitive data and applications help, but no scanner can look inside an encrypted archive without its password, so the practical measures are to quarantine or block password-protected archives at the mail and web gateway, to detonate them in a sandbox using a password extracted from the accompanying message, and to rely on endpoint detection that inspects files as they are extracted, the first point at which the decrypted payload is visible.
Individuals also need to stay alert and be careful with files or emails from unknown senders. That means verifying that the sender is who they claim to be and scanning files for malware before opening them; an unsolicited message that pairs an archive link with its password is itself a warning sign.
Encrypted ZIP files hosted on Google Drive are a newer way for attackers to deliver malware and evade detection. To counter it, organisations and individuals should deploy strong security controls and exercise caution with files or emails from unknown sources.
Author: Priyanka Priyadarshini Dwibedy